Description
Improper access control in the WCF endpoint in Edgemo (now owned by Danoffice IT) Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group membership restrictions.
Published: 2026-01-30
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

Improper access control in a Windows Communication Foundation endpoint within the Local Admin Service allows a local user to raise their privileges to that of a local administrator. By directly communicating with the LocalAdminService.exe named pipe, a user can bypass client‑side group membership checks and gain administrative rights, which compromises system integrity and confidentiality on that device.

Affected Systems

The vulnerability affects Edgemo (now Danoffice IT) Local Admin Service 1.2.7.23180 running on Windows operating systems. Systems using this specific version are susceptible if the LocalAdminService.exe component is present.

Risk and Exploitability

The CVSS score of 7.1 indicates a high severity of potential impact. However, the EPSS score of less than 1% suggests a very low exploitation probability at present, and the flaw is not listed in the CISA Known Exploited Vulnerabilities catalog. Attackers would need local access to the affected machine and would exploit the named pipe directly, so the vector is local rather than remote.

Generated by OpenCVE AI on April 18, 2026 at 01:13 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest version of the Local Admin Service that resolves the access‑control flaw.
  • If no patch is available, restrict or deny non‑administrator access to the LocalAdminService.exe named pipe by adjusting Windows security permissions or removing the pipe.
  • Disable or uninstall the Local Admin Service on systems where it is not required.
  • Monitor Windows event logs for unexpected access attempts to the LocalAdminService.exe named pipe and investigate anomalies.

Generated by OpenCVE AI on April 18, 2026 at 01:13 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 03 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Danofficeit
Danofficeit local Admin Service
Weaknesses NVD-CWE-Other
CPEs cpe:2.3:a:danofficeit:local_admin_service:1.2.7.23180:*:*:*:*:windows:*:*
Vendors & Products Danofficeit
Danofficeit local Admin Service
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Tue, 03 Feb 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Danoffice It
Danoffice It local Admin Service
Vendors & Products Danoffice It
Danoffice It local Admin Service

Mon, 02 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 30 Jan 2026 06:30:00 +0000

Type Values Removed Values Added
Description Improper access control in the WCF endpoint in Edgemo (now owned by Danoffice IT) Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group membership restrictions.
Title Local Privilege Escalation in Local Admin Service
Weaknesses CWE-250
References
Metrics cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/AU:Y'}

Subscriptions

Danoffice It Local Admin Service
Danofficeit Local Admin Service
cve-icon MITRE

Status: PUBLISHED

Assigner: NCSC-FI

Published:

Updated: 2026-02-02T16:33:39.478Z

Reserved: 2026-01-30T05:57:27.965Z

Link: CVE-2026-1680

cve-icon Vulnrichment

Updated: 2026-01-30T14:35:55.068Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-30T07:16:15.350

Modified: 2026-03-03T15:06:54.563

Link: CVE-2026-1680

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T01:15:05Z

Weaknesses